Ax1806 Firmware@1.0.0.1 Security Vulnerabilities and Issues — Ax1806 Firmware@1.0.0.1 CVE List

Lucene search

TendaAx1806 Firmware1.0.0.1

50 matches found

CVE•added 2022/03/10 5:47 p.m.•101 views

CVE-2022-25550

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceName parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2024/05/20 6:15 p.m.•99 views

CVE-2024-35576

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.

5.2CVSS7.4AI score0.00091EPSS

CVE•added 2022/03/10 5:47 p.m.•92 views

CVE-2022-25566

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/03/10 5:47 p.m.•79 views

CVE-2022-25548

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/05/02 1:15 p.m.•77 views

CVE-2022-28572

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in SetIPv6Status function

8.8CVSS9.3AI score0.0616EPSS

CVE•added 2024/05/20 6:15 p.m.•77 views

CVE-2024-35579

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv.

7.7CVSS7.7AI score0.00228EPSS

CVE•added 2022/03/10 5:47 p.m.•75 views

CVE-2022-25557

Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2024/05/20 6:15 p.m.•75 views

CVE-2024-35580

Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.

9.8CVSS7.7AI score0.00431EPSS

CVE•added 2022/03/10 5:47 p.m.•73 views

CVE-2022-25555

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/03/10 5:47 p.m.•73 views

CVE-2022-25558

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/03/10 5:47 p.m.•72 views

CVE-2022-25554

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/03/10 5:47 p.m.•71 views

CVE-2022-25552

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/03/10 5:47 p.m.•70 views

CVE-2022-25547

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.

7.8CVSS7.6AI score0.00451EPSS

CVE•added 2022/03/10 5:47 p.m.•70 views

CVE-2022-25551

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsDomain parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/03/10 5:47 p.m.•70 views

CVE-2022-25553

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsPwd parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2024/05/20 6:15 p.m.•69 views

CVE-2024-35578

Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv.

8CVSS7.7AI score0.00163EPSS

CVE•added 2022/03/10 5:47 p.m.•68 views

CVE-2022-25546

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter.

7.8CVSS7.6AI score0.00451EPSS

CVE•added 2022/07/06 5:15 p.m.•68 views

CVE-2022-34597

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.

9.8CVSS9.8AI score0.06108EPSS

CVE•added 2022/07/01 6:15 p.m.•64 views

CVE-2022-32031

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.

7.8CVSS7.7AI score0.00385EPSS

CVE•added 2022/07/01 6:15 p.m.•64 views

CVE-2022-32033

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.

7.8CVSS7.7AI score0.00394EPSS

CVE•added 2022/03/10 5:47 p.m.•63 views

CVE-2022-25549

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter.

7.8CVSS7.6AI score0.00328EPSS

CVE•added 2022/05/06 2:15 p.m.•63 views

CVE-2022-28969

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS).

7.8CVSS7.5AI score0.00328EPSS

CVE•added 2022/05/06 2:15 p.m.•58 views

CVE-2022-28971

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS).

7.8CVSS7.5AI score0.00328EPSS

CVE•added 2022/05/06 2:15 p.m.•56 views

CVE-2022-28972

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS).

7.8CVSS7.5AI score0.00328EPSS

CVE•added 2022/05/06 2:15 p.m.•55 views

CVE-2022-28970

Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS).

7.8CVSS7.5AI score0.00328EPSS

CVE•added 2022/07/01 6:15 p.m.•53 views

CVE-2022-32032

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.

10CVSS9.7AI score0.02743EPSS

CVE•added 2024/07/15 5:15 p.m.•53 views

CVE-2024-40414

A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

9.8CVSS6.8AI score0.00236EPSS

CVE•added 2022/07/01 6:15 p.m.•52 views

CVE-2022-32030

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.

7.8CVSS7.7AI score0.00385EPSS

CVE•added 2024/05/20 6:15 p.m.•52 views

CVE-2024-35571

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.

9.8CVSS7.4AI score0.00431EPSS

CVE•added 2022/05/06 2:15 p.m.•51 views

CVE-2022-28973

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS).

7.8CVSS7.5AI score0.00328EPSS

CVE•added 2024/07/15 6:15 p.m.•51 views

CVE-2024-40415

A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

9.8CVSS7.4AI score0.00236EPSS

CVE•added 2024/04/26 8:15 p.m.•50 views

CVE-2024-4238

A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this vulnerability is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be launched remotel...

9CVSS6.9AI score0.0041EPSS

CVE•added 2024/04/26 9:15 p.m.•50 views

CVE-2024-4239

A vulnerability was found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. The expl...

9CVSS6.8AI score0.00372EPSS

CVE•added 2024/08/26 4:15 p.m.•48 views

CVE-2024-44551

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.

9.8CVSS7.5AI score0.00256EPSS

CVE•added 2024/08/26 4:15 p.m.•48 views

CVE-2024-44552

Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.

9.8CVSS7.5AI score0.0013EPSS

CVE•added 2024/08/26 1:15 p.m.•48 views

CVE-2024-44556

Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.

9.8CVSS7.6AI score0.0013EPSS

CVE•added 2024/08/26 4:15 p.m.•47 views

CVE-2024-44555

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.

9.8CVSS7.5AI score0.00256EPSS

CVE•added 2024/08/26 4:15 p.m.•46 views

CVE-2024-44550

Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.

9.8CVSS7.5AI score0.00256EPSS

CVE•added 2024/07/15 6:15 p.m.•44 views

CVE-2024-40416

A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

9.8CVSS7.4AI score0.00236EPSS

CVE•added 2024/04/26 7:15 p.m.•44 views

CVE-2024-4237

A vulnerability, which was classified as critical, was found in Tenda AX1806 1.0.0.1. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exp...

9CVSS7AI score0.00387EPSS

CVE•added 2024/08/26 4:15 p.m.•44 views

CVE-2024-44557

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.

9.8CVSS7.5AI score0.00249EPSS

CVE•added 2024/08/26 4:15 p.m.•43 views

CVE-2024-44553

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv.

9.8CVSS7.5AI score0.00256EPSS

CVE•added 2024/08/26 12:15 p.m.•43 views

CVE-2024-44563

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.

9.8CVSS7.6AI score0.00249EPSS

CVE•added 2024/08/26 1:15 p.m.•42 views

CVE-2024-44558

Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo.

9.8CVSS7.6AI score0.00256EPSS

CVE•added 2024/08/26 4:15 p.m.•41 views

CVE-2024-44549

Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.

9.8CVSS7.5AI score0.0013EPSS

CVE•added 2024/08/26 12:15 p.m.•41 views

CVE-2024-44565

Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set.

9.8CVSS7.6AI score0.00249EPSS

CVE•added 2023/11/07 3:15 p.m.•40 views

CVE-2023-47456

Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.

9.1CVSS9.2AI score0.00171EPSS

CVE•added 2024/07/10 4:15 p.m.•39 views

CVE-2024-40417

A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow.

6.5CVSS6.7AI score0.00072EPSS

CVE•added 2024/07/19 5:15 p.m.•39 views

CVE-2024-41492

A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5CVSS7.1AI score0.00066EPSS

CVE•added 2023/11/07 3:15 p.m.•36 views

CVE-2023-47455

Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.

9.1CVSS9.2AI score0.00223EPSS